
On Wed, Mar 2, 2011 at 06:16, Christopher Jefferson <chris@bubblescope.net> wrote:
The 'secure' flag at the moment I believe cannot be trusted to work. Compilers can, and do, optimise out memset if they can prove the memory will not be changed again.
[...]
The short answer is:
[...]
I'm not convinced that either of those answers is correct, since neither prevents the OS from swapping the memory to disk while it contains secret data.

To me, it seems that Boost isn't the place for anything that claims to be "secure", since the community is insufficiently skilled in interpretive dance: see <http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html>, or specifically <http://2.bp.blogspot.com/_Zfbv3mHcYrc/Sre5JqBKZyI/AAAAAAAABn8/Op-n-e0JVaA/s1600-h/aes_act_3_scene_02_agreement_1100.png> :)

~ Scott
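The two concerns raised in this thread, a wipe the compiler can delete and secret pages reaching swap, sketched in C as an added example that is not part of either message and is not Boost code. The `secret_buf` type and all function names are hypothetical, and POSIX `mlock`/`munlock` are assumed to be available.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/* Wipe through a volatile pointer: compilers treat each volatile store as
   observable, so the loop is not removed as a dead store the way a trailing
   memset() on a buffer that is never read again can be. */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

struct secret_buf {            /* hypothetical holder for key material */
    unsigned char data[64];
    int locked;                /* 1 if the pages are pinned in RAM */
};

/* Pin the buffer before any secret is written into it. Returns 0 on success,
   -1 if mlock() fails (for example RLIMIT_MEMLOCK is too low); the caller
   decides whether to continue with an unpinned buffer. */
int secret_init(struct secret_buf *s)
{
    secure_zero(s->data, sizeof s->data);
    s->locked = (mlock(s->data, sizeof s->data) == 0);
    return s->locked ? 0 : -1;
}

/* Wipe first, then unpin, so the secret is never in an unlocked page. */
void secret_destroy(struct secret_buf *s)
{
    secure_zero(s->data, sizeof s->data);
    if (s->locked) { munlock(s->data, sizeof s->data); s->locked = 0; }
}

int secret_is_clear(const struct secret_buf *s)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < sizeof s->data; i++) acc |= s->data[i];
    return acc == 0;
}

int main(void)
{
    struct secret_buf s;
    if (secret_init(&s) != 0) fprintf(stderr, "warning: buffer not pinned\n");
    memcpy(s.data, "constructed-sample-key", 22);   /* constructed value */
    secret_destroy(&s);
    printf("cleared: %d\n", secret_is_clear(&s));
    return 0;
}
```

`mlock` keeps the pages out of swap only; it does not cover hibernation images or core dumps, which need separate handling.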